Easy Steps For Recovery From A Website Getting Hacked

A website getting hacked is no news today; it has become an almost common thing. So, what to do if your website is hacked? How to work on recovering things and bouncing back? Well, it’s not that difficult. Here’s a look at some easy steps that could help in the recovery process:

Step 1 – Inform hosting company, do some research of your own

The first thing that you need to do is intimate your hosting company or the person who is hosting your website. The host would be able to fix it for you and they could also check if other websites on the server have been affected. Doing some research of your own is also good. You could look for tips on online forums, community etc and you could contact experts/specialists who could be of help.

Know more about Russia than your friends:

Step 2 – Turn off and quarantine your website

Turn off the website, quarantine it until the issue is resolved. You could also point your website’s DNS entries to a static page on a different server that utilizes a 503 HTTP responsive code. Taking your website offline would help you as well as the visitors. You can complete all administrative tasks without any hindrance and the users of your website would continue to remain uninfected. It also helps control the spread of the malware.

Also remember to review user accounts on your website since hackers could create new accounts, which need to be deleted. It’s also better to change all passwords for all your websites and accounts, including the login credentials for database access, FTP, system administration etc.

Step 3 – Re-confirm ownership of your website

Yes, it’s your website. Still, you must verify the ownership of the site in the user search console. Hackers sometimes mess with the settings and hence verifying ownership helps you determine the extent of damage done and understand the nature of the attack.

Verify your website ownership by opening the browser, navigating to Google Webmaster, clicking “Search Console”, signing in, clicking “Add a site” and typing in your site’s URL. Though there are several verification methods, use the one that’s recommended on the recommended method tab on the verification page. Bring site online, verify and take it offline again. Now verify ownership on search console by navigating to main Search Console page, finding your website, clicking on “Manage Site”, clicking “Add or remove users” and reviewing the list of users and owners listed. If there is any user you do not recognize, delete it after document the email address. Also check the search console for any changes that might have been made under the settings icon. Note down and remove any unusual changes found.

Step 4 – Figure out the severity of the attack

Check the information in the Message Center and Security Issues in the Search Console to figure out the severity of the attack. You can understand if the attacker has distributed malware or disbursed spammy content. You could also understand if the hacker is doing any phishing from your website. Check for messages from Google and see the headings of hack types under “Security Issues” in the Webmaster tools.

Step 6 – Identify the vulnerability

Try to find out the vulnerability or vulnerabilities that could have led to the attack. Remember, there could be more than one issue, so don’t limit yourself to detecting just one vulnerability. Use a vulnerability scanner.

Step 7 – Clean, maintain your website

This is important. Before you begin the cleaning, locate support sources to check if confidential information has been lost. Remove all new URLs created by the attacker, but don’t remove any good pages that were simply damaged during the attack. Remove those that needn’t appear ever in search results. Submit pages to Google’s index using Google’s Fetch in Search Console.

Step 8 – Clean the server

Restore from a backup that was created before the hack happened, install software updates/upgrades, eliminate software that’s not needed, change passwords again to all accounts related to the website.

In case you don’t have a backup, make two fresh backups, even if your website is still infected. Now clean the website’s content on the new backup file system, ensuring this is not on the server. Correct vulnerabilities you find on passwords, eliminate widgets, applications and plug-ins that the website doesn’t use any longer.

Go for a clean installation, transfer the good content from your backup to the system and change passwords again if needed.

Step 9 – Do a re-check of what all you have done

It’s always good to do a re-check, you can’t risk it once again. Check if you have removed all unnecessary applications/plug-ins/widgets and ensure that are using the latest and securest software. Check if you have removed all the content the hacker had added. Also check if you have restored your content safely. Make sure you have done away with the vulnerability that caused the attack and also ensure that you have a good website security plan in place.

Step 10 – Request Google for a review

Request for a Google review, to have your website/web page unflagged. You can request review pertaining to phishing at google.com/safebrowsing/report_error/. If it’s relating to spam or malware, you must go to the Security Issues report given to you in the Search Console and click to request a review.

Once all this is done, wait for the reviews to be processed. Depending on the type of reviews, it could take a few days or sometimes a few weeks for the response to come. Google will remove all warnings from browsers and search results if things are all fine. If not, you will receive a report in your Search Console.

Once things are approved, check your website to see if everything is working fine. Now relax, but remember, security should always be top on your list of priorities.

Related Articles

This Vietnamese Browser & Search Engine Is Daring Google To Step-Up Its Game Forbes Full coverage AddSearch Custom Site Search Related Posts:5 New Mobile Browser Alternatives to Chrome and SafariGoogle Apps for Work (G Suite) 2018 […]

Funding round led by Lightspeed Venture Partners; two years of growth at Exabeam highlights demand for an alternative to failing legacy SIEM solutions. SAN MATEO, Calif., August 14, 2018 – Exabeam, the next-gen security information and […]

What is Spotify? Since music-streaming service Spotify launched a decade ago, it’s been joined by rivals from Google, Amazon, Apple, Deezer and Tidal. However, theoriginal still leads the way when it comes to supplying music […]